Technical Information Security Specialist

Job ID: 15564 

Do you want to be a part of one of the most experienced Asset Management companies in Europe? Are you enthusiastic about designing and supporting the implementation of security solutions? Then we have an exciting career opportunity for you!

At Nordea Asset Management, we see that the world is changing fast and we want to be one step ahead of the curve. That’s why we’re deeply committed to providing the financial solutions of tomorrow to our customers.

We are looking for an Information Security Specialist with solid technical background to join the Information Security function. As an Information Security Specialist you will work on technical information security related tasks and play a vital role in embedding information security practices, controls, culture and communicating risks within Nordea Asset Management.

About this opportunity
 

The Information Security function is responsible for the maintenance and embedment of compliant information security and business continuity management frameworks, maintaining a consolidated view of information security and business continuity risks, and supporting the organisation in identification, assessment and treatment of these risks.  The function also supports the business in implementing compliant and relevant cyber security capabilities and monitoring adherence to cyber, information security and business continuity requirements.

You’ll join a motivated team which is a major contributor to the development of a technology focused Asset Management organisation in the international arena. You will work with colleagues and consultants both within the Security domain and across other areas to coordinate and utilize synergies. 

The role is based in Lisbon.

What You’ll Be Doing

• Engage with the chief information security officer, cybersecurity teams, the enterprise architecture, cloud teams, and solution delivery.
• Consult with solution architecture, IT and cloud infrastructure teams to efficiently integrate requirement and technology solutions.
• Review proposed security patterns, solutions and present security concerns.
• Serve as information security subject matter expert and trusted advisor.
• Translate strategical objectives into security requirements, architectural patterns, processes, and governance, for both technical and non-technical teams from product development to operations.
• Guide managers and technologist on information security controls and control design in general and specific to cloud security, foresee the needs of the stakeholders in order to consistently meet or exceed defined levels of security.
• Work with business units and technologists to identify (Information security, Cyber and control) risks and support the implementation of security controls to mitigate them.
• Support the implementation of best practice and global standard aligned processes.
• Supporting in the creating of ISMS (ISO 27001 – NIST) and companywide security policies.
• Help articulate risk appetite concerning information/cyber security risk.
• Support remediation activities to ensure that internal audit, legal and regulatory requirements are met.
• Provide knowledge and expertise as security consultant when needed.

Who you are

Collaboration. Ownership. Passion. Courage. These are the values that guide us in being at our best – and that we imagine you share with us.  

To succeed in this role, we believe that you:

• Have professional communication skills and an ability to effectively create influence with your interactions.
• Are independent, conducting independent assessments, and drafting proposals based on these, while contributing to a great team performance.
• Thrives with tight deadlines and ambitious targets
• Team-oriented person with a global attitude and positive spirit.
• Solid technical and analytical skills and the ability to apply them to processes, and control designs
• Fluency in English (spoken and written) required, with efficient skills in using Microsoft Office tools.

Your experience and background: 

• You have minimum 5 years of experience working within the information and cyber security domain.
• You have a fundamental understanding of software development processes and procedures and know how to improve technical outcomes by shaping processes and the work environment.
• You are have a fundamental understanding of security architecture in hybrid environments.
• Experience with advanced security topics such as authentication protocols, identity and access management systems (AWS, Azure, Active Directory, Incident Management, Network, Endpoint security, etc.)
• Technical background that enables you to support the design, build, document, deployment of a secure cloud platform.
• It will be beneficial if you have at least one of the following certifications CISSP, CISM, CCSP or equivalent.

If this sounds like you, get in touch!

Next steps

Submit your application no later than 31/03/2023.